[syslog-ng] FW: Syslog Problem

jrhendri at roadrunner.com jrhendri at roadrunner.com
Tue Aug 5 17:50:11 CEST 2014


I suggest using a much simplified syslog-ng.conf for testing.

Try something like this:

options {
  check_hostname(yes); # check if the hostname contains valid characters
  use_dns(no);   # do not resolve names for speed
  dns_cache(no); # no DNS cache since we do not resolve names
  keep_hostname(yes); # keep hostnames to enable related macros
  chain_hostnames(no); # do not track / forward syslog forwarder chain
  # options related to file and directories
  create_dirs(yes);
};


destination d_separatedbyhosts {
  file("/data/syslog-ng/$YEAR/$MONTH/$DAY/$HOST_FROM/$HOST_FROM.$FACILITY.$PRIORITY.$YEAR.$MONTH.$DAY");
};

The destination will automatically split out the data, creating separate directories and files for *anything* received.

I would also suggest a simpler network source (for testing)

source s_network {
  udp();
  tcp();
};

log {
  source(s_network);
  destination(d_separatedbyhosts);
};

Then when you see a packet come in *TO* the syslog-ng box with tcpdump, you can immediately verify whether or not it is logged.

Once that is working, you can move back to your desired configuration file (and if something breaks, you know you are at least getting the logs).

Jim


---- Riyas Ahamed <Riyas.Ahamed at csscorp.com> wrote: 
> Hi,
> 
> I have configured a syslog-ng server to capture network logs. I can able to fetch network logs of three devices.
> 
> But in fourth network device I can able to see packets are get polling into the syslog server in port 514 by using tcpdump command but I cannot find the network device in syslogng front end.
> 
> Syslog OS   : CentOS release 6.5 (Final)
> 
> Syslog Version  : syslog-ng 3.2.5
> 
> Along with this mail I have attached configuration file of syslogng server.
> 
> Please help me to resolve this issue.
> 
> Regards,
> N.B.RIAZ AHMED
> (9047166496)
> 
> 
> https://www.csscorp.com/email-disclaimer



More information about the syslog-ng mailing list